9

I am trying to configure an OAuth2 client using Spring Boot. I have the following dependencies:

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-webflux</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-oauth2-client</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-oauth2-jose</artifactId>
    </dependency>

And I have added these properties to my application.yaml:

    security:
      oauth2:
        client:
          registration:
            azure:
              client-id: ****
              client-secret: ****
              authorization-grant-type: client_credentials
          provider:
            azure:
              authorization-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/authorize
              token-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/token
              jwk-set-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/discovery/v2.0/keys

As I understand it from the Spring documentation, this should be enough to auto-configure a ClientRegistrationRepository ("Spring Boot 2.x auto-configuration binds each of the properties under spring.security.oauth2.client.registration.[registrationId] to an instance of ClientRegistration and then composes each of the ClientRegistration instance(s) within a ClientRegistrationRepository. The auto-configuration also registers the ClientRegistrationRepository as a @Bean in the ApplicationContext so that it is available for dependency-injection, if needed by the application.").

I have the following code:

    package com.sky.bnc.azurespring

    import org.springframework.context.annotation.Bean
    import org.springframework.context.annotation.Configuration
    import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager
    import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder
    import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
    import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager
    import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository
    import org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
    import org.springframework.web.reactive.function.client.WebClient

    @Configuration
    class WebConfiguration {

        @Bean
        fun authorizedClientManager(clientRegistrationRepository: ClientRegistrationRepository, authorizedClientRepository: OAuth2AuthorizedClientRepository): OAuth2AuthorizedClientManager {
            val authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder
                    .builder()
                    .authorizationCode()
                    .refreshToken()
                    .clientCredentials()
                    .build()

            val authorizedClientManager = DefaultOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientRepository)
            authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider)

            return authorizedClientManager
        }

        @Bean
        fun webClient(authorizedClientManager: OAuth2AuthorizedClientManager): WebClient {
            val oauth2Client = ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager)
            oauth2Client.setDefaultClientRegistrationId("azure")

            return WebClient
                    .builder()
                    .apply(oauth2Client.oauth2Configuration())
                    .build()
        }
    }

But when I try and run the application I get this error:

    APPLICATION FAILED TO START
    ***************************

    Description:

    Parameter 0 of method authorizedClientManager in com.sky.bnc.azurespring.WebConfiguration required a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' that could not be found.


    Action:

    Consider defining a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' in your configuration.


    Process finished with exit code 1

I don't understand what the problem is; I have followed many examples and it seems like it should just be working.

4 Answers

4

The ClientRegistrationRepository refers to the configuration of the OAuth client in a blocking environment, not a reactive one. If you build your application to be fully reactive, consider using the ReactiveClientRegistrationRepository implementation. The Spring Security project has an example project showing how to use that one.

However, you could still mix the reactive and blocking approaches in the same application; although this is not terribly recommended, there is still a use case for it. For this, you only need to add the spring-boot-starter-web dependency, so that the blocking servlet implementation is added to the classpath. You could watch this talk where this approach is used.

nucatus
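
An added example, not part of the answer above or of the Spring Security sample project: the question's configuration rewritten against the reactive types this answer names. It assumes the `azure` registration is bound under `spring.security.oauth2.client` so that Spring Boot's reactive auto-configuration supplies the `ReactiveClientRegistrationRepository` and `ReactiveOAuth2AuthorizedClientService` beans; the class name `ReactiveWebConfiguration` is hypothetical.

```kotlin
package com.sky.bnc.azurespring

import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction
import org.springframework.web.reactive.function.client.WebClient

// Hypothetical class name; replaces the servlet-based WebConfiguration from the question.
@Configuration
class ReactiveWebConfiguration {

    @Bean
    fun authorizedClientManager(
        // Assumption: both beans come from Spring Boot's reactive OAuth2 client auto-configuration.
        clientRegistrationRepository: ReactiveClientRegistrationRepository,
        authorizedClientService: ReactiveOAuth2AuthorizedClientService
    ): ReactiveOAuth2AuthorizedClientManager {
        // Enable only the grant the "azure" registration declares (client_credentials).
        val authorizedClientProvider = ReactiveOAuth2AuthorizedClientProviderBuilder
            .builder()
            .clientCredentials()
            .build()

        // The service-backed manager does not need a ServerWebExchange, so it also
        // works for calls made outside an incoming HTTP request.
        val manager = AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
            clientRegistrationRepository, authorizedClientService
        )
        manager.setAuthorizedClientProvider(authorizedClientProvider)
        return manager
    }

    @Bean
    fun webClient(authorizedClientManager: ReactiveOAuth2AuthorizedClientManager): WebClient {
        // Reactive counterpart of ServletOAuth2AuthorizedClientExchangeFilterFunction.
        val oauth2Client = ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager)
        oauth2Client.setDefaultClientRegistrationId("azure")
        return WebClient.builder().filter(oauth2Client).build()
    }
}
```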
1

Define the following properties:

  1. azure.activedirectory.client-id=

  2. azure.activedirectory.client-secret=

  3. azure.activedirectory.tenant-id=

  4. azure.activedirectory.authorization-clients.graph.scopes=https://graph.microsoft.com/Analytics.Read, email

1

Indentation issue,

    spring:
     security:

ref : click here

  • This wasn't the answer to my issue, but as it turns out, I was missing this section. Adding it and providing the correct parameters fixed it. Thanks for your answer! – J Steven Perry Aug 16 '23 at 15:43
0

The issue you are facing is due to the configuration in the application.yaml file. Please check that everything is correct.

Since you are implementing OAuth for Azure AD, the configuration must look like the below:

    # Specifies your Active Directory ID:
    azure.activedirectory.tenant-id=22222222-2222-2222-2222-222222222222

    # Specifies your App Registration's Application ID:
    spring.security.oauth2.client.registration.azure.client-id=11111111-1111-1111-1111-1111111111111111

    # Specifies your App Registration's secret key:
    spring.security.oauth2.client.registration.azure.client-secret=AbCdEfGhIjKlMnOpQrStUvWxYz==

    # Specifies the list of Active Directory groups to use for authorization:
    azure.activedirectory.user-group.allowed-groups=Users

For a complete step-by-step guide, please refer here.

Hari Krishna